Computer platform firmware is used during initialization of computer systems to verify system integrity and configuration. It also generally provides the basic low-level interface between hardware and software components of those computer systems, enabling specific hardware functions to be implemented via execution of higher-level software instructions contained in computer programs that run on the computer systems. In computers, a primary portion of this firmware is known as the Basic Input/Output System (BIOS) of a computer system. The BIOS comprises a set of permanently recorded (or semi-permanently recorded in the case of systems that use Flash Memory BIOS) software routines that provide the system with its fundamental operational characteristics, including instructions telling the computer how to test itself when it is turned on, and how to determine the configurations for various of built-in components and add-on peripherals.
In a typical computer system, the BIOS is generally defined as the code that runs between the processor reset and the first instruction of the Operating System (OS) loader. As shown in FIG. 1, in a typical personal computer (PC) 10, the base portion of the BIOS code is stored in some type of ROM (read only memory) device on the PC's motherboard 12, such as a standard PROM 14 or a Flash Memory 16. In some configurations, this base portion may be extended using code stored in ROM BIOS chips 18 contained on one or more add-on peripheral cards 20, such as SCSI controllers and bus-mastering devices. This portion of the BIOS is stored in components that are commonly referred to as “option ROMS.” The BIOS code in peripheral card ROM BIOS chips 18 typically concerns specific functionality provided by their corresponding peripheral card and is executed during initialization of that peripheral card according to a well-defined (mostly) set of rules. In either of the foregoing configurations, all firmware BIOS is stored locally, either on the motherboard or in option ROMs on the peripheral card(s) added to a system.
In many instances, in order to enhance the computer system's functionality, the BIOS code needs to be updated. In today's computer systems, this may be accomplished by either replacing the BIOS chip(s) on the motherboard (and/or peripheral cards), or, if the BIOS is contained in a rewriteable chip (e.g., Flash Memory), executing a BIOS update software program that writes the new BIOS code to the chip.
Popular methods for updating BIOS on rewriteable chips has certain risks and limitations due to their passive nature and lack of security safeguards. For instance, a user may mistakenly update the current BIOS code with an inappropriate set of new code for a particular computer system. Also, a new BIOS code may be corrupted so that upon computer system reboot, the corrupted code causes a system failure. In another example, an error in writing the new BIOS to a rewriteable chip may result in a system failure upon reboot. Additionally, unauthorized users (e.g., hackers) may try to update the current BIOS code in order to purposefully cause a computer system reboot failure or to gain clandestine access to a computer system.